Create your own Software Deployment Repository with Azure and Intune

As you might know, within Intune you can only install applications on devices, if they are coming as an MSI. If you want to deploy anything else, this blog might be helpful for you.
Let me talk about the requirements:

Azure Subscription for Storage

Intune Subscription (obviously)

This blog will provide the information how you can achieve this, and at the end, you will get a sample implementation from my LAB.

Yes, that’s it. Now let us start creating the Azure Storage, and how you can access it. Go to the Azure portal, and open the storage accounts section. You can use the classic storage account as well, but I would recommend the newer ones:

Click on Add, to add a storage account, if you don’t want to use an existent one. The creation process of a new storage account is straight forward, mind to select the appropriate replication model:

After the storage Account is created, you can go ahead and get the access token, which we need afterwards. Click on your newly created storage account, and click on “Shared access signature” afterwards, the following screen should appear:

Within this page, you can select how long the generated access token is valid, or for which access it will allow. This is the most restrict version I figured out to use, for downloading the files within the repository.
Allowed Services: Blob
Allowed Resource Types: Service, Container, Object
Allowed Permissions: Read, List

Afterwards you can click on generate SAS and connection string, and copy the SAS token string, thus it’s the only one we require:

Putting this in your browser URL-bar should start the download of the file, and if it’s working, we only need a script, which will trigger the installation. Here comes my created script in action, it will download the required files, and will start an installation afterwards. The script is not yet golden, it is missing an option to download the files through BITS. And also some Variables inside the Script could be replaced with Input Parameters. Time will tell if I can upgrade the script.
Mind to adjust the line 15-17 and 20-21 to your needs. You can also install MSI files, if so, you will need to adjust line 19, beside 20-21.
The script expects a file called “fileinfo.txt” in the root of the Container, conataining all the files required to download on a separate line. The file should lool like follows:

3 thoughts on “Create your own Software Deployment Repository with Azure and Intune”

Thanks a lot for these inputs. I’d like to give a feedback on the way to download files from Azure you’re using (Invoke-WebRequest cmdlet). It may be too slow to use as part of a Powershell script launched through Intune as there a timeout of 10mn for a script to run once triggered by the Intune Management extension.
Depending of the Internet bandwidth, you may face issues.
I would recommend to use a System.Net.WebClient object which is more efficient :

[…] PowerShell Script Last but not least, you can create a PowerShell script, which will do all the required modification on the client. But I would highly recommend to avoid PowerShell scripts as much as possible, as the settings are not really managed with this solution. It is more a Fire and Forget solution, which might be valid for some use-cases, no doubt about that. But in general, try to configure the required Windows 10 settings through the different Intune blade Options. So as mentioned before, I will set the HiberBoot option through a PowerShell script, and I’m quited confident, that it should work. I think this will be my next blog, where I can tell, if it worked or not 🙂 But see this previous blog, where I described the Application deployment with Intune and PowerShell (with the new Win32 wrapper of Intune, the process in this blog is no longer needed): Create your own Software Deployment Repository with Azure and Intune […]